A recent announcement from a certificate-authorizing organization, Let’s Encrypt, states that around 30% of the websites will stop working on many older Android devices starting from 2021. This will be a result of the termination of Let’s Encrypt’s partnership with another cert-authorizing organization called Identrust.
Now, for the unaware, Let’s Encrypt is one of the world’s most prominent digital certificate-authorizing committee. When the organization came into being, it applied to include its “ISRG Root X1” root certificate in all web browsers and operating systems. These certificates are also cross-signed by Identrust with its own “DST Root X3” root certificate and are used by around 30% of all the websites on the web.
So, according to a recent announcement, the partnership between Let’s Encrypt and Identrust will expire on September 1, 2021. Moreover, they do not plan to extend the partnership due to unknown reasons.
As a result, all the web browsers and OSes won’t be getting support for the “ISRG Root X1” root certificate from Let’s Encrypt. Hence, they will no longer work with websites that use the group’s collaborative certificate.
According to the announcement, this will affect devices running Android 7.1 as the software hasn’t been updated since 2016.
“Some software that hasn’t been updated since 2016 (approximately when our root was accepted to many root programs) still doesn’t trust our root certificate, ISRG Root X1. Most notably, this includes versions of Android prior to 7.1.1. That means those older versions of Android will no longer trust certificates issued by Let’s Encrypt.”, read the official announcement.
Now, apart from affecting around 30% of the websites, this situation would not affect any other functionality of the devices. Moreover, older Android device owners can use the Firefox browser, which uses its own certification which includes the ISRG root certificate.